<?php
session_start();
include("securimage/securimage.php");
$securimage = new Securimage();
if ($securimage->check($_POST['captcha_code']) == false) {
  // the code was incorrect
  // you should handle the error so that the form processor doesn't continue

  // or you can use the following code if there is no validation or you do not know how
  echo "Nhập sai mã xác nhận.<br /><br />";
  echo "Click <a href='javascript:history.go(-1)'>Quay lại</a> và làm lại.";
  exit;
}
$id = $_REQUEST["id"];
include("include/db_connect.php");

$tid = $_POST["txtTID"];
$name = $_POST["txtName"];
$place = $_POST["txtPlace"];
$cont = $_POST["txtContent"];
$price = $_POST["txtPrice"];
$disc = $_POST["txtDiscount"];
$number = $_POST["txtNumber"];

$query = mysql_query("Select TID from dc_tour where TID = '".$tid."'");
$result = mysql_fetch_array($query);
$img_name = $_FILES["image"]["name"];
$img_type = $_FILES["image"]["type"];
$img_size = $_FILES["image"]["size"];
$img_error = $_FILES["image"]["error"];
$img_tmp = $_FILES["image"]["tmp_name"];
//echo "This is file name ".$img_name;
if($id==$tid || $result==false)
{
	if($img_name!=null)
	{
		if(($img_type=="image/jpg"||$img_type=="image/jpeg"||$img_type=="image/png"||$img_type=="image/gif")&&$img_size <1000000 && $img_error==0)
		{
			move_uploaded_file($img_tmp,"image/".$img_name);
			$url = "image/".$img_name;
			mysql_query("Update dc_tour set img_folder='".$url."' Where TID='".$id."'");
		}
	}
	if($name!=null) mysql_query("Update dc_tour set name='".$name."' Where TID='".$id."'");
	if($place!=null) mysql_query("Update dc_tour set place='".$place."' Where TID='".$id."'");
	if($cont!=null) mysql_query("Update dc_tour set content='".$cont."' Where TID='".$id."'");
	if($price!=null) mysql_query("Update dc_tour set price='".$price."' Where TID='".$id."'");
	if($disc!=null) mysql_query("Update dc_tour set discount='".$disc."' Where TID='".$id."'");
	if($number!=null) mysql_query("Update dc_tour set people='".$number."' Where TID='".$id."'");
	if($tid!=null) mysql_query("Update dc_tour set TID='".$tid."' Where TID='".$id."'");
	if($tid!=null)header("Location:tourDetail.php?id=$tid");
	else header("Location:tourDetail.php?id=$id");
}
else
{
	echo "Tour đã tồn tại";
}

?>
